Pinned Repositories
CarbonBlack_TaskManager
This script is used to manage running multiple tasks on Carbon Black sensors.
Desired_State_Configuration_Persistence
DFIR-Tools
All the useful tools worth using
evtxtoelk
Push evtx files to an Elasticsearch database
JumpList_Lnk_Parser
Parser for both JumpList and Lnk file artifacts
ListSSP
List Security Support Provider (SSP)
SLAE
This folder contains all the documents and code I used to gain the SLAE certificate
TorDetector
This script accepts a text file, collects any IP address (based on its format x.x.x.x), and checks whether it is one of the Tor exit nodes
VirusTotalHashScanner
Check a list of hashes against VirusTotal to get the results
Windows-Events
salehmuhaysin's Repositories
salehmuhaysin/DFIR-Tools
All the useful tools worth using
salehmuhaysin/TorDetector
This script accepts a text file, collects any IP address (based on its format x.x.x.x), and checks whether it is one of the Tor exit nodes
salehmuhaysin/CarbonBlack_TaskManager
This script is used to manage running multiple tasks on Carbon Black sensors.
salehmuhaysin/evtxtoelk
Push evtx files to an Elasticsearch database
salehmuhaysin/Desired_State_Configuration_Persistence
salehmuhaysin/JumpList_Lnk_Parser
Parser for both JumpList and Lnk file artifacts
salehmuhaysin/ListSSP
List Security Support Provider (SSP)
salehmuhaysin/BrowserHistory_ELK
Script that parses the browser history (Chrome, IE, and Firefox) and pushes the results to an Elasticsearch database
salehmuhaysin/SRUM_parser
Parse the Windows System Resource Usage Monitor (SRUM)
salehmuhaysin/Yara_Duplicate_Rules
Python script to remove duplicate Yara rules from a specific file
salehmuhaysin/Sigma-Rules-to-Kibana
salehmuhaysin/VirusTotalHashScanner
Check a list of hashes against VirusTotal to get the results
salehmuhaysin/Windows-Events
salehmuhaysin/CSVFilterator
Filter CSV file rows (exclude/include) based on predefined rules
salehmuhaysin/Hoarder-1
salehmuhaysin/IoCs_detector
Detect indicators of compromise (MD5, SHA1, IP addresses) in a text file
salehmuhaysin/Kaizen-Arabia-CTF-Writeups
Here are all my writeups for the Kaizen Arabia CTF
salehmuhaysin/LinuxFileMetadata
This script collects the file metadata (path, MD5 hash, file size, creation date, modification date, last access, owner, and file type) of all files in the system and exports it to a CSV file
salehmuhaysin/SLAE
This folder contains all the documents and code I used to gain the SLAE certificate
salehmuhaysin/Hoarder
This script is made to collect the most valuable artifacts for a forensics or incident response investigation rather than imaging the whole hard drive.
salehmuhaysin/json_matcher
JSON matcher with Lucene-like queries
salehmuhaysin/Kuiper-1
Digital Investigation Platform
salehmuhaysin/test
salehmuhaysin/TrustRecords
A PowerShell script to search for the TrustedRecords registry key and parse the results
salehmuhaysin/webshell
This is an open source webshell project